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Art Unit: 2132 

DETAILED ACTION 
Response to Amendment 

1. This action is in response to the amendment filed 03/24/08. Claims 
31-34 and 37-39 have been amended; Claims 50-53 have been canceled. 

Response to Arguments 

2. Applicant's arguments with respect to the rejection of claims 1-4, 7- 
14, 31-34, 37-41 and 44-46 under 35 U.S.C. 112, second paragraph, as 
being incomplete for omitting essential steps have been fully considered but 
they are not persuasive. Applicant argues that Figure 3 discloses 
processes/subprocess but not "steps" and, therefore, they may be 
performed in any order, in series or parallel (page 17, 1 st paragraph). 
One of ordinary skill in the art would readily recognize that the steps 
described in Figure 3 were supposed to be completed in a certain order (i.e., 
according to the flow of the drawing) no matter what these steps are called 
(acts, processes, or subprocess). Applicant is requested to provide logical 
and working examples to support the assertion that these steps may be 
performed in any order (e.g., does it make sense to perform step 312 before 
step 304, or step 316 before step 306?). 

Applicant argues that the elements are not "essential" because they 
are not "described by the applicant(s) as necessary to practice the invention" 
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as required under MPEP 2172.01 (page 17, last paragraph). According to 
MPEP 2172.01, a claim does not necessarily fail to comply with 35 
U.S.C. 112, second paragraph where the various elements do not function 
simultaneously, are not directly functionally related , do not directly 
intercooperate, and/or serve independent purposes. The steps described in 
figure 3 are directly functionally related, i.e., the completion and result of 
one step is necessary to perform the next step. 

3. Applicant's arguments with respect to the rejection of claim 1 under 35 
U.S.C. 103(a) as being unpatentable over Miliefsky (US 2005/0044418 Al) 
in view of Moshir et al. (US 2004/0003266 Al) have been fully considered 
but they are not persuasive. 

Applicant argues that Miliefsky and Moshir fail to teach or suggest 
"each of the plurality of security engines processing at least a portion of the 
new security policy to establish new rules for operation of the security 
engine while the security engine continues to operate according to previous 
rules" (page 21). Moshir discloses that security policy updating starts with 
(i) downloading the new/updated policy and then (ii) installing the 
downloaded new/updated policy (paragraph 0075). The downloading step is 
functionally equivalent to processing at least a portion of the new security 
policy to establish new rules for operation of the security engine. In 
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addition, the new/updated security policy is not in effect until the installing 
step is completed (i.e., until it is installed). Therefore, the current security 
policy is still in effect during the downloading step. 

Applicant argues that Miliefsky and Moshir fail to teach or suggest 
"switching, after each of the plurality of security engines is ready to begin 
using the new security policy, each of the plurality of security engines to the 
new rules substantially concurrently" (page 22, first full paragraph). Moshir 
discloses that policy updates are delivered/downloaded to users' computers 
in the background and then "auto-installed according to a schedule set by 
the administrator" (par. 0133, 0158). In a best case scenario, the updates 
are installed properly on each user computer, and, thus, these computers 
switch to the update policy substantially concurrently. 

4. Applicant's arguments with respect to the rejection of claims 31 and 
40 under 35 U.S.C. 103(a) as being unpatentable over Moshir in view of 
Date ("An Introduction to Database System") have been fully considered but 
they are not persuasive. Applicant argues that Moshir and Date fail to teach 
or suggest "continue to use a previous set of rules and associated data until 
an indication to begin using the new set of rules and associated data is 
identified." (page 25, last paragraph; page 26, last paragraph). Date 
discloses a two-phase commit protocol used in an update operation involving 
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multiple participants whereby each participant receives a system-wide 
commit command if all of the participants have successfully processed the 
update (page 463). 

With respect to claim 14, Applicant argues that Date do not teach 
firing an event across all of the security engines at once (page 25, first 
paragraph). Date discloses that the coordinator informs each participants of 
its "commit" decision (page 463, phase 2). 

Claim Rejections - 35 USC §103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis 
for all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

6. Claims 1-2 and 7-13 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Miliefsky (US 2005/0044418 Al) in view of Moshir et al. 
(US 2004/0003266 Al). Miliefsky discloses a computing device comprising a 
plurality of security engines each having a current security policy (i.e., an 
INFOSEC ENGINE with plug-in components such as a firewall engine, an 
antivirus engine, an intrusion detection engine, a vulnerability analysis 
engine, a denial-of-service engine, etc.) (Fig. 7; paragraph 0039). Miliefsky 
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also discloses updating the security policies (i.e., performing security 
updates and upgrade patches for the plug-in components) (paragraph 
0041). Miliefsky does not disclose switching, after each of the plurality of 
security engines is ready to begin using new security policy, each of the 
plurality of security engines to the new rules substantially concurrently. 
Moshir discloses a method and system for updating security policies for a 
plurality of security engines (i.e., antivirus software files, a security 
fix/patch) (paragraphs 0059, 0181). Specifically, Moshir discloses that the 
security policies for the plurality of security engines are updated according to 
a scheduled rollout, and each security engine is to report the result of the 
update, whether a success or a failure/error. Moshir further discloses that if 
a failure is detected, an order is issued to the security engines to rollback to 
their previous state; otherwise, the rollout is successful and the new security 
policy is in effect (paragraphs 0030, 0074-0078, 0133, 0158, 0190). It 
would have been obvious to one of ordinary skill in the art at the time the 
invention was made to incorporate Moshir's method of updating security 
policies into Miliefsky's system. The motivation for doing so would have 
been to leave the network in a usable state in case of a faulty update 
(paragraph 0045). 
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7. Claims 3-4 and 14 re rejected under 35 U.S.C. 103(a) as being 
unpatentable over Miliefsky in view of Moshir as applied to claims 1 and 13, 
and further in view of Date ("An Introduction to Database System"). Moshir 
discloses that the security engines receive a system-wide rollback if any of 
the security engines has failed to process the new security policy; however, 
Moshir does not disclose that the security engines receive a system-wide 
commit command (i.e., an indication such as a function call to switch to the 
new policy) if all of the security engines have successfully processed the new 
security policy. Date, in addition to a system-wide rollback as described in 
Moshir, discloses a two-phase commit protocol used in an update operation 
involving multiple participants whereby each participant receives a system- 
wide commit command if all of the participants have successfully processed 
the update (page 463). It would have been obvious to one of ordinary skill 
in the art at the time the invention was made to modify the combined 
method and system of Miliefsky and Moshir to utilize a system-wide commit 
command, as taught by Date. The motivation for doing so would have been 
to guarantee that all updates could happen in unison (page 463, 1 st 
paragraph). 

8. Claims 31-34, 37-41, 44-46 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Moshir in view of Date. Moshir discloses a method 
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comprising: receiving an indication of a new security policy to be used (i.e., 
new antivirus software files, a security fix/patch); generating a new set of 
rules from the new security policy (i.e., performing updating of the 
file/fix/patch) (paragraphs 0030, 0059, 0074-0078); and switching to the 
new security policy unless a system-wide rollback command is received 
(paragraphs 0030, 0059, 0074-0078). Moshir does not disclose waiting for a 
system-wide commit command before switching to the new security policy. 
Date, in addition to a system-wide rollback as described in Moshir, discloses 
a two-phase commit protocol used in an update operation involving multiple 
participants whereby each participant receives a system-wide commit 
command if all of the participants have successfully processed the update 
(page 463). It would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the method of Moshir to utilize a 
system-wide commit command, as taught by Date. The motivation for doing 
so would have been to guarantee that all updates could happen in unison 
(page 463, 1 st paragraph). 

Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to 
expire THREE MONTHS from the mailing date of this action. In the event a 
first reply is filed within TWO MONTHS of the mailing date of this final action 
and the advisory action is not mailed until after the end of the THREE- 
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MONTH shortened statutory period, then the shortened statutory period will 
expire on the date the advisory action is mailed, and any extension fee 
pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the 
advisory action. In no event, however, will the statutory period for reply 
expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to MINH DINH whose telephone 
number is (571)272-3802. The examiner can normally be reached on Mon- 
Fri: 10:00am-6:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gilberto Barron can be reached on 571-272-3799. 
The fax phone number for the organization where this application or 
proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. Status 
information for published applications may be obtained from either Private 
PAIR or Public PAIR. Status information for unpublished applications is 
available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business Center 
(EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 

/M. D./ 

Examiner, Art Unit 2132 

04/28/08 



/Gilberto Barron Jr/ 

Supervisory Patent Examiner, Art Unit 2132 



